Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    871ade5fb9590ba6ed569d6198accc5f063d59956ed9b27357b01f708eee9be7

  • Size

    1.1MB

  • Sample

    220106-pv99qsbfcj

  • MD5

    f95afc4f4d4dd6e17ac7aab68b78fa25

  • SHA1

    3c0e26fdeceea3ab875142f9b51f4ac40cdd3f28

  • SHA256

    871ade5fb9590ba6ed569d6198accc5f063d59956ed9b27357b01f708eee9be7

  • SHA512

    e48e6029d3faf6a95f338561d9b33e1ae3fb64a74eb28d7dac89c7644a2fb559a454edd513a333c479731af42757c11fde3c897930c9f903d73fedb17d234bae

Score
10/10
danabot4bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

4

C2

142.11.244.223:443

192.236.194.72:443

192.119.110.4:443
Attributes
  • embedded_hash

    8357B947FCA843DB2D85EC29EDCDEF3C

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      871ade5fb9590ba6ed569d6198accc5f063d59956ed9b27357b01f708eee9be7

    • Size

      1.1MB

    • MD5

      f95afc4f4d4dd6e17ac7aab68b78fa25

    • SHA1

      3c0e26fdeceea3ab875142f9b51f4ac40cdd3f28

    • SHA256

      871ade5fb9590ba6ed569d6198accc5f063d59956ed9b27357b01f708eee9be7

    • SHA512

      e48e6029d3faf6a95f338561d9b33e1ae3fb64a74eb28d7dac89c7644a2fb559a454edd513a333c479731af42757c11fde3c897930c9f903d73fedb17d234bae

    Score
    10/10
    danabot4bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Matrix

Tasks